This Is How One Man Accidentally Destroyed the Internet 30 Years Ago

It all started with the Morris worm.

Back in November 1988, Robert Tappan Morris, son of the famous cryptographer Robert Morris Sr., was a 20-something graduate student at Cornell who wanted to know how big the internet was — that is, how many devices were connected to it. So he wrote a program that would travel from computer to computer and ask each machine to send a signal back to a control server, which would keep count.

The program worked well — too well, in fact. Morris had known that if it traveled too fast there might be problems, but the limits he built in weren’t enough to keep the program from clogging up large sections of the internet, both copying itself to new machines and sending those pings back. When he realized what was happening, even his messages warning system administrators about the problem couldn’t get through.

See also: This Quantum Device Will Protect You From Cyberattacks to Make "True" Random Numbers

His program became the first of a particular type of cyberattack called “distributed denial of service,” in which large numbers of internet-connected devices, including computers, webcams, and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked.

Unpacking the Morris Worm

Worms and viruses are similar but different in one key way: A virus needs an external command, from a user or a hacker, to run its program. A worm, by contrast, hits the ground running all on its own. For example, even if you never open your email program, a worm that gets onto your computer might email a copy of itself to everyone in your address book.

Rising Threats

The internet remains subject to much more frequent — and more crippling — DDoS attacks. With more than 20 billion devices of all types, from refrigerators and cars to fitness trackers, connected to the internet, and millions more being connected weekly, the number of security flaws and vulnerabilities is exploding.

More organizations are also taking preventative action, adopting best practices in cybersecurity as they build their systems, rather than waiting for a problem to happen and trying to clean up afterward. If more organizations considered cybersecurity as an important element of corporate social responsibility, they — and their staff, customers, and business partners — would be safer.

Archaeologists Discovered the Remnants of the First Rager

In 3001: The Final Odyssey, science fiction author Arthur C. Clarke envisioned a future where humanity sealed the worst of its weapons in a vault on the moon — which included room for the most malignant computer viruses ever created. Before the next iteration of the Morris worm or Mirai does untold damage to the modern information society, it is up to everyone — governments, companies, and individuals alike — to set up rules and programs that support widespread cybersecurity, without waiting another 30 years.